Ospf Default Passive Interface

culpri21 · ‎02-21-2024

Hi Folks,

Labbed it quickly & i wondered if it's possible to set interfaces to no passive-interface vlan51 for example and then do a default passive-interface. I found that I couldn't do this without effectively configuring default passive-interface and then doing a no passive on the interfaces that are legit VLANs allowed OSPF transits. Goal here is to minimise disruptions!

Thanks in advance

Speed Test https://vidmate.bid/

MHM Cisco World · ‎02-21-2024

Yes you are correct

""I found that I couldn't do this without effectively configuring default passive-interface and then doing a no passive on the interfaces that are legit VLANs allowed OSPF transits""
this correct for L3SW in router we can add no passive-interface under ospf process in L3SW we need to add no passive under VLAN SVI

MHM

liviu.gheorghe · ‎02-21-2024

Goal here is to minimise disruptions!

In this case, maybe it's better to configure each default interface individually under the routing process.

Regards, LG
*** Please Rate All Helpful Responses ***

Blue_Bird · ‎02-21-2024

Hello culpri21,

router ospf 1

passive-interface default
no passive-interface Vlan202
no passive-interface Vlan203

First, you use passive-interface default then all interfaces will be passive. If you want to disable it for one or more specific interfaces to allow ospf transits, you can use the no passive-interface fa0/0 command or for svi, no passive-interface vlan_id under the OSPF process.

Instead of giving passive-interface default command you can use passive-interface fa0/0 or passive-interface vlan_id to directly enable passiving interface on specific interfaces...to block ospf transits.

router ospf 1

passive-interface Vlan202
passive-interface Vlan203

Best regards
******* If This Helps, Please Rate *******